VDB

GCVE-VVD-MAGEIA-2020-206

GCVE-VVD-MAGEIA-2020-206
Advisory Published
Vulnetix · Advisory published September 10, 2020
Updated roundcubemail packages fix security vulnerabilities: - Cross-Site Scripting (XSS) via malicious HTML content (CVE-2020-12625) - CSRF attack can cause an authenticated user to be logged out (CEV-2020-12626) - Remote code execution via crafted config options - Path traversal vulnerability allowing local file inclusion via crafted 'plugins' option
Download JSON Open in Console

Affected Products

VendorProductVersionsPlatforms
Mageiallvm0 (affected), 8.0.0-1.1.mga7 (unaffected)
Mageiaroundcubemail0 (affected), 1.3.11-1.mga7 (unaffected), 0 (affected), 1.3.11-1.mga7 (unaffected)
Mageiarust0 (affected), 1.43.1-1.mga7 (unaffected)

Aliases

CVE-2020-12626CVE-2020-12625

Transitive aliases

EUVD-2020-4927CVE-2020-12640BDU:2023-07518CNVD-2020-31750EUVD-2020-4926GHSA-j63m-cchh-gcjvGHSA-q9jx-pp2v-v8xhGHSA-3q5x-3fpw-pfv9GHSA-mv3h-r8j8-38ccEUVD-2020-4941BDU:2020-03991VVD-GENTOO-2020-720876GSD-2020-12626BDU:2020-03992CVE-2020-12641VVD-CISA-2020-12641EUVD-2020-4942

References

Updated roundcubemail packages fix security vulnerabilities
fix
Updated roundcubemail packages fix security vulnerabilities
advisory
Updated roundcubemail packages fix security vulnerabilities
advisory
Updated roundcubemail packages fix security vulnerabilities
issue
Updated rust packages provide Rust 1.43.1 for Firefox 78 ESR
advisory
Updated rust packages provide Rust 1.43.1 for Firefox 78 ESR
issue
Updated rust packages provide Rust 1.43.1 for Firefox 78 ESR
issue
Updated rust packages provide Rust 1.43.1 for Firefox 78 ESR
issue
Updated rust packages provide Rust 1.43.1 for Firefox 78 ESR
issue
Updated rust packages provide Rust 1.43.1 for Firefox 78 ESR
issue
Updated rust packages provide Rust 1.43.1 for Firefox 78 ESR
issue
Updated rust packages provide Rust 1.43.1 for Firefox 78 ESR
issue

Browse GCVE Records

100 records in the GCVE database · Updated April 16, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

Open in Console Download JSON
$ Console Community · 100/wk Open console ›